Operations Document (DEX)
DYNATRACE v2.0
Reference
Pages
22 of the Annexure (s) :
Index
2.0
Accessibility
Access Reserved
Restricted
Internal (CSPI)
Free (GDF Suez)
Keyword(s)
Classification
Editor(s)
Verifier(s)
Approver(s)
Name/Entity
Date/Visa
Name/Entity
Date/Visa
Name/Entity
Date/Visa
Last name, first name
Last name, first name,
function
Integrator of the
Operation
List of Persons
Entities
Index | Date | Author(s) | Statement(s)
1.0 | 06/08/2013 | I. Lim + S. Emiel | Creation of the document on the basis of the PTE supplied by Compuware
2.0 | 21/10/2013 | P. Meurisse + Y. Métivier + S. Emiel | Upgrade following the cross-checking by ATOS
Brief Summary
1 General description of the application
1.1 Application Purpose
1.1.1 Actualization of the Compuware DCRUM and Dynatrace implementation project for GrDF
The Information System department of GrDF wishes to set up a monitoring and reporting solution for its
critical applications, in order to identify the sources of their degradation and improve their
performance.
A joint operational programme (JOC) was carried out with Compuware's Vantage solution (V11.6) and Dynatrace
on four of the most critical applications, taken as reference points:
- O2 with 2 reference points
- Caribbean area with 2 reference points
- SIG-GAZ with 1 or 2 test points
- CII-GAZ with 1 test point
GrDF wishes to put this solution into production, first covering the same application scope as the JOC,
then enlarging it progressively to a larger number of applications (≈50 applications).
The Compuware solution will be deployed in production with DCRUM version V12, reusing the AMD of the JOC
while waiting for delivery of the target AMDs.
1.1.2 Implications for GDFSUEZ-IT
The challenge for GDFSUEZ-IT is to deliver internally a solution for monitoring application
performance.
This offer allows clients to satisfy the following needs:
- Measure the user experience through the availability and performance of the applications.
- Provide a local or targeted view (users or sites affected) to assess the impact of a degradation
and speed up diagnosis in case of incidents.
- Where possible, make internal application indicators available to identify the source of the
degradation more accurately.
The proposed solution is not an application audit or incident troubleshooting solution. It aims
to detect degradations in application performance and to provide indicators for quantified
communication to the entities concerned.
The solution retained is DCRUM, which offers a view of the service centred on the user experience and
delivered by the IT resources as a whole.
This solution should allow GrDF to manage application performance end to end and, depending on each
application's profile (studied case by case), to address the following issues:
- Visibility of the level of service offered to the user: provide visibility of service quality
based not only on a component or technology view but on the end user's view.
- Prioritization of incidents: understand the business impact in order to prioritize actions
efficiently.
- Isolation of incidents: rapidly identify the application domain at fault.
- Resolution: benefit from suitable tools to locate the problem and solve it.
- Communication: communicate effectively by giving the right information to the right people, i.e.
the operational team, IT managers and business managers.
- Improvement: implement appropriate processes for analyzing the results and identifying areas of
improvement.
1.2 General operation
The Dynatrace platform comprises a Dynatrace server, a collector and a Dynatrace Analysis Server
installed on an ISV, plus the Dynatrace agents installed on the third-party application O2.
The Dynatrace server database is installed locally on the ISV.
1.3 Main Personnel
1.3.1 List of the « contributors of the operation »
People | Entity | Function | Telephone | BAL
Manager of the O² application: Perrine Lebas | GrDF | DSI Domain of Network Performance | 06 83 24 64 28, 01 71 18 58 15 | -
NetRun | TSM | Operation of the network | - | Dsi-One-It-Tsm-NetRun-Datacenters-Security
SRM GrDF | ASM | Technique of Operation | - | dsi-one-it-asm-srm-grdf@gdfsuez.com, dsi-one-it-asm-middleware_windows@gdfsuez.com
- | ESM | Expert Opinion | +33 (1) 49.18.84.66, +32 (2) 206.33.26 | its.monitoringdesign@electrabel.com, dsi-cspi-supervision@gdfsuez.com
SU&W | ISM | Outsourcer Management | +33 (1) 49.18.85.00 | it-infra-ism-suw@gdfsuez-it.com
Atos | Atos LOT6 | OS Operator | - | it-infra-lot6@gdfsuez-it.com
Remark: always put « DYNATRACE » at the start of emails.
1.3.2 Who can validate the stop-start of the application
In the event of an incident, only the POA or the person responsible for the MCO can validate a partial
or global stop-start of the application.
POA - O² GrDF Perrine Lebas
1.3.3 List of people authorized to implement the requirements of the application
Only the following people are authorized to carry out the work required for the application :
GrDF: Perrine Lebas
ESM : g_dsi_cspi_supervision_sn3
ASM: EXP_DSI-ONE-IT-ASM-GRDF_SN2
ISM: G_DSIG_PEXSI_SN2
1.4 Distribution of the activities of the operation for the application
[Figure: distribution of the operation activities. Actors shown: End users; Service Desk; Frontline
support (GrDF); ASM (GDF SUEZ IT); ESM (GDF SUEZ IT); TSM (GDF SUEZ IT); SUW (GDF SUEZ IT); Compuware]
1.4.1 Operation of the system
Machine | Technical System | OS | In charge of the operation
h1w1dcr00c.dc.infra.com | PRD: SRV_DYNATRACE | Windows 2008 R2 | Atos LOT6
SUW (ATOS) is responsible for the operation of the IS.
When an event occurs on DYNATRACE, the Patrol supervision agent generates a Simulated Event note at
ARIs, which processes the event and, if necessary, escalates it to GDF SUEZ IT - SUW.
SUW then transfers the event to GDF SUEZ IT ESM (BAL Dsi-Cspi-Supervision) and informs the GrDF contact
in ASM so that ASM can alert GrDF of the event. The ASM redirects the event to the appropriate technical
support cells. ESM can then call on Compuware for the analysis and resolution of the event (by sending
an email requesting that a Compuware Support ticket be opened).
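As an illustration only, the escalation path described above can be written down as an ordered list of hops. This is a minimal sketch: the function name `escalation_path` and the `needs_vendor` flag are hypothetical and do not correspond to any GDF SUEZ IT or Compuware tooling.

```python
from typing import List

# Hypothetical sketch of the escalation chain described in 1.4.1.
# The actor names come from the text; the function and flag are assumptions.
ESCALATION_CHAIN = [
    "Patrol supervision agent",                    # raises the event
    "ARIs",                                        # processes it, escalates if needed
    "GDF SUEZ IT - SUW",                           # transfers the event, informs ASM
    "GDF SUEZ IT ESM (BAL Dsi-Cspi-Supervision)",  # analyses the event
]


def escalation_path(needs_vendor: bool) -> List[str]:
    """Return the ordered hops for an event raised on DYNATRACE."""
    path = list(ESCALATION_CHAIN)
    if needs_vendor:
        # ESM emails Compuware to request the opening of a Support ticket.
        path.append("Compuware Support")
    return path


if __name__ == "__main__":
    for step, actor in enumerate(escalation_path(needs_vendor=True), start=1):
        print(f"{step}. {actor}")
```

The ASM notification to GrDF runs in parallel with this chain and is deliberately left out of the list.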
1.4.2 DBMS Administration
Server | Base Name | Base Type | Administrator
H1W1DCR00C | DYNATRACE5 | SQL Server Standard 2008 | PST / MIDDLEWARE WINDOWS
1.4.3 Technical and application lead
Surveillance, recovery and installation of the Compuware middleware components.
GDF SUEZ IT does not monitor the technical applications with the Compuware tools; this is the
responsibility of the technical department.
Outside this perimeter: all application problems linked to the use of the Compuware tools and all
problems detected by the Compuware tools on the GrDF applications.
DYNATRACE:
- ASM for surveillance and for handling requests and events, then redirecting them to the
appropriate technical support cells (intervention of COMPUWARE via ESM).
- ATOS via SU&W for the operation of the servers and the backups.
- Compuware/ESM for the analysis of events, application audits and procedure modifications.
1.4.4 Functional direction
The monitoring of the application lines with the Compuware tools is the responsibility of the GrDF department
1.5 Identification of the application
1.5.1 Trigram of the application
IO KIR = DYN
1.5.2 Application Environments
Environment | Server(s) | Level of service | Engagement (Standard or higher)
Production | h1w1dcr00c.dc.infra.com | N5/N5 | Not Standard
No Pre-Production environment.
1.5.3 History of the application versions
Version | Production date | Sites | Content
5.5 | - | S2 | Dynatrace
1.6 Security, constraints, and the level of service
1.6.1 General level of service
Environment: PRODUCTION
Parameter | Level of service
Classification of the application | No specific classification
Opening hours for the users | 8H-18H 5/7
Availability level of the EAC | 7H-19H 5/7 (N5 / N5)
Administration level of the EAC | 7H-19H 5/7 (N5 / N5)
DMZ intranet for the Reporting Servers | To be filled by TSM
PSI | None
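The availability window above can be checked programmatically, for example before deciding whether an event falls inside supported hours. The sketch below assumes that « 7H-19H 5/7 » means 07:00 to 19:00, Monday to Friday, with the end bound excluded; the function name `in_service_window` is hypothetical.

```python
from datetime import datetime, time

# Assumption: "7H-19H 5/7" = 07:00 to 19:00, Monday to Friday.
WINDOW_START = time(7, 0)
WINDOW_END = time(19, 0)


def in_service_window(moment: datetime) -> bool:
    """Return True if `moment` falls inside the availability window."""
    is_weekday = moment.weekday() < 5  # Monday is 0, Friday is 4
    return is_weekday and WINDOW_START <= moment.time() < WINDOW_END


if __name__ == "__main__":
    print(in_service_window(datetime(2013, 10, 21, 8, 0)))   # a Monday morning
    print(in_service_window(datetime(2013, 10, 19, 10, 0)))  # a Saturday
```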
1.6.2 Communication with other applications
Not relevant
1.6.3 Data and interfaces exchange
Not relevant
1.6.4 Exchange Flow chart
Not relevant
1.7 General Architecture
1.7.1 General Synopsis
1.7.1.1 Functional Architecture of DYNATRACE
[Figure: functional architecture of DYNATRACE. Labels: Originator; PC PLIMPOT; Frontal Web XXX;
Dt Agent; S2 Monitoring Server; Dynatrace Collection; Dynatrace Server + Collector;
Windows Server 2008; SQL Server Standard; Application Component]
1.7.2 Physical architecture
Type | Number
ISV | 1
1.7.3 Detailed description of the Servers
1.7.3.1 Configuration of the Physical Server :
N/A
1.7.3.2 PROD Environment
PROD Environment Server h1w1dcr00C
Component | Detail
Inventory name | h1w1dcr00c
Make and model | ISV VMware
RAM | 8 GB
CPU (number and frequency) | 4 vCPU
Location | S2
IP address | 10.249.4.196/26 (GW: 10.249.4.193)
Network interfaces (type, speed, MAC) | Front-end card 10.249.4.196 (used in priority); Back-end card 10.249.36.196; Admin card 10.249.68.196; Card 10.249.132.196
Internal disks (number, capacity, RAID type) | -
FC cards | -
SAN storage | 200 GB
OS version | Windows 2008 R2
Software products (name and version) | Compuware software package DYNATRACE
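The addressing given above can be sanity-checked with Python's standard `ipaddress` module. This is a minimal sketch: the helper name `same_subnet` is hypothetical, and the addresses are the ones listed in the table.

```python
import ipaddress


def same_subnet(interface_cidr: str, gateway: str) -> bool:
    """Return True if the gateway belongs to the interface's network."""
    iface = ipaddress.ip_interface(interface_cidr)
    return ipaddress.ip_address(gateway) in iface.network


if __name__ == "__main__":
    front_end = "10.249.4.196/26"
    # Network that contains the front-end address
    print(ipaddress.ip_interface(front_end).network)
    # Gateway listed for the front-end card
    print(same_subnet(front_end, "10.249.4.193"))
```

The back-end and admin addresses sit in other networks, so the same helper returns False for them against the front-end /26.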
1.8 Products necessary for the application
Warning: if a product described here does not appear in the DSI technical support reference, the
replacement support defined by the POP/POA must be indicated.
1.8.1 Products of communication
1.8.1.1 Communication batch
Not relevant
1.8.1.2 Transactional Communication
Not relevant
1.8.2 Products of surveillance
BMC Patrol
1.8.3 Data Backup products
NETWORKER
1.8.4 Production Control Products
Not relevant
1.8.5 Data Support Product
MS SQL 2008 R2
1.8.6 Other products
Not relevant
1.9 Volumetry of the database files
1.9.1 List of the database and the foreseen development of the volumetry.
Base | Server | Reference volume | Date of the reference volume | Growth forecast | Basic function
DYNATRACE5 | h1w1dcr00C | 200 GB | 07/2013 | 0% per year (quota to be fixed) | Storage of the data sent by the DynaTrace Collector
1.9.2 Detail of the database files
DYNATRACE EVENT
Implementation Index
File | Size | Role
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Data\dynatrace5.mdf | 1.27 GB | Data file
F:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Data\dynatrace5_log | 3.31 GB | Transaction log file
1.10 Establishment of the application on the Server H1W1DCR00C (Production)
DYNATRACE
1.10.1 Configuration of the Internal disks
Type of storage: DATA-STORE (ESX)
Disk unit | Description of the content
C (32 GB) | System
D (15 GB) | Main software application
E (200 GB) | Storage of the SQL Server data
F (25 GB) | Storage of the SQL Server transaction log
G (15 GB) | Storage of the data and transaction log of the SQL Server temporary tables
1.10.2 Establishment of software other than the main
N/A
1.10.3 Establishment of the application and of the data
N/A
1.10.4 General Flow chart of the applications physical locations
N/A
1.10.5 Application accounts
WINDOWS:
Administration is shared between PST operations (admin account pst) and LOT6 (secadm account).
Account | Group | Purpose of the account | Account owner
Local Service | Local | Account used for the Dynatrace Windows services | PST
sqlsvc | SQL | Database service account (connection between Dynatrace and SQL Server) | PST
Technical accounts
Account | Group | Purpose of the account | Account owner
AdminPST | Administrator | Account reserved for the use of the PST administrator | PST
AdminEXP | Administrator | Account reserved for the Tooling Expert | ESM Tooling Expertise
2
2.1.1 List of application executables
Not applicable, because Compuware is responsible for level 3 support on the application in case of an
event.
2.1.2 List of configuration and application parameters files
Not applicable, because Compuware is responsible for level 3 support on the application in case of an
event.
2.1.3 List of System parameters
N/A Root Not modified
2.1.4 Detailed presentation of the Interface
3 Some concepts
Source (network): the server that initiates the IP connection.
Flow direction: « upward » means that the « source » sends data to the « target »; « downward » means
that the « source » retrieves data from the « target ».
3.1 APPLICATION TREATMENT
3.1.1 General Synopsis of the treatment
Not applicable.
3.1.2 Calendar treatments
4 Standard SQL maintenance plan under the aegis of PST.
5 Operating instructions of the present System
5.1 Surveillance of the Server H1W1DCR00C
The surveillance defined under the aegis of the Project is described in the document named « SDS »
(Supervision Services).
This surveillance was implemented by the Supervision Expert, and the resulting incidents are
reported directly in the BEM: GDF / Applications / DYNATRACE, bypassing the BEM ATOS.
5.1.1 Surveillance of the Systems Files
Standard Surveillance.
If the threshold is exceeded on a disk unit other than C: (System), the event is rerouted to
ASM, SIMILI group: EXP_DSI-ONE-IT-ASM-GRDF_SN2.
Filesystem | Warning threshold | Critical threshold | Assigned
Disk E | 80 | 90 | Contact Tooling Expert
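The two thresholds above can be expressed as a simple classification rule. The sketch below is illustrative only: it assumes the values 80 and 90 are percentages of disk space used and that a value equal to a threshold already triggers it; the function name `classify_disk_usage` is hypothetical and is not part of BMC Patrol.

```python
def classify_disk_usage(used_percent: float,
                        warning: float = 80.0,
                        critical: float = 90.0) -> str:
    """Map a disk usage percentage to 'ok', 'warning' or 'critical'."""
    if used_percent >= critical:
        return "critical"
    if used_percent >= warning:
        return "warning"
    return "ok"


if __name__ == "__main__":
    for usage in (42.0, 85.0, 93.5):
        print(usage, classify_disk_usage(usage))
```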
5.1.2 Surveillance of the process
Surveillances managed by the Cortex ASM cell
Cf. SDS DYNATRACE - Windows Services + Warning Files
5.1.3 Database Surveillance
Surveillance managed by the Cortex ASM cell
SQL Server Surveillance: supervision allowing us to ensure that the database is online.
5.1.4 Application Surveillances
Surveillances managed by Compuware / Tooling Expert.
5.2 Backup
5.2.1 General Information
Backup of the 200 GB of the Dynatrace ISV according to the standard VMware backup policy:
- 1 full backup per week, on Saturday at 23:00, with retention of 4 weeks of data
- 1 manual backup with retention of 2 months of data
The backup is taken as a VMware snapshot, mounted on a VCB/VADP-type proxy. OBS then starts the full
offline backup with the Networker tool.
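To make the weekly policy above concrete, the sketch below computes the next weekly backup slot and the date on which that backup leaves retention. It assumes the schedule is Saturday at 23:00 local time with exactly 4 weeks of retention; the function names are hypothetical and unrelated to the Networker tool.

```python
from datetime import datetime, timedelta

SATURDAY = 5  # datetime.weekday(): Monday is 0


def next_weekly_backup(now: datetime) -> datetime:
    """Return the next Saturday 23:00 at or after `now`."""
    days_ahead = (SATURDAY - now.weekday()) % 7
    slot = (now + timedelta(days=days_ahead)).replace(
        hour=23, minute=0, second=0, microsecond=0)
    if slot < now:
        # Already past 23:00 on a Saturday: move to the following week.
        slot += timedelta(days=7)
    return slot


def weekly_backup_expiry(backup_time: datetime) -> datetime:
    """Return the end of the 4-week retention period."""
    return backup_time + timedelta(weeks=4)


if __name__ == "__main__":
    slot = next_weekly_backup(datetime(2013, 10, 21, 9, 0))
    print(slot, weekly_backup_expiry(slot))
```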
5.2.2 Policy of backing up of the H1W1DCR00C Server:
Offers 1 THE N D.S.I catalogue list.
5.2.2.1 System Backup
Backup done by the Windows Backup Server (SSR2011).
5.2.2.2 Backup of data (NETWORKER)
Total Backup of VM (VCB).
5.2.3 Reporting of the errors of Backup
After analysis, the backup incidents encountered by the operator will be sent by mail to the
contributors of the operation.
5.3 Purge of Files
Not applicable: Automatic Recycling
5.4 Special Interventions on the System
N/A
5.5 Processing : events, retrieval, restorations
Remark: this chapter will be completed progressively as incidents occur during operation.
Incident or event
Indicate the Name of the event
Creation : date of
creation of the file
MAJ : date of
updating the file
Importance of the event : indicate whether this is
blocking or not blocking
Time of resolution of the incident : Indicate here if the
operator can immediately resolve the event or not
(values : immediate, awaiting, and other).
Symptoms
Indicate the symptoms, which allow us to recognise or detect the event. Make a detailed description if possible
Prescriptions / Retrievals :
Action(s) :
Type :
Personnel(s) :
Interlocutor(s) :
Outline each action permitting the correction of an
event. An action can be for example the checking of
a file, the searching of the messages, insertion of a
tape for backup purpose, opening of a data...
(1)
(2)
(3)
(1) Indicate how the corrective action is carried out (values: batch, other).
(2) Indicate who should carry out the corrective action (values: cti, usi, cnpe, Project team, Integrator,
exs …).
(3) Indicate whether the interlocutor intervenes in case of problems with the action.
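The incident sheet template above can also be captured as a small data structure, for instance to keep the sheets in a consistent form. This is a sketch under assumptions: the class and field names are hypothetical, and only the allowed values quoted in the template (immediate, awaiting, other) are validated.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import List

ALLOWED_RESOLUTION_TIMES = {"immediate", "awaiting", "other"}


@dataclass
class CorrectiveAction:
    description: str        # what to do, e.g. check a file, search the messages
    action_type: str        # note (1): "batch" or "other"
    personnel: str          # note (2): who carries out the action
    interlocutor: str = ""  # note (3): who intervenes if the action fails


@dataclass
class IncidentSheet:
    name: str
    created: date
    updated: date
    blocking: bool
    resolution_time: str    # "immediate", "awaiting" or "other"
    symptoms: str
    actions: List[CorrectiveAction] = field(default_factory=list)

    def __post_init__(self) -> None:
        if self.resolution_time not in ALLOWED_RESOLUTION_TIMES:
            raise ValueError(f"unknown resolution time: {self.resolution_time}")


if __name__ == "__main__":
    # Illustrative values only, not a recorded incident.
    sheet = IncidentSheet(
        name="Example event",
        created=date(2013, 10, 21),
        updated=date(2013, 10, 21),
        blocking=False,
        resolution_time="awaiting",
        symptoms="Example symptom description",
    )
    sheet.actions.append(
        CorrectiveAction("Open a vendor support ticket", "other", "Project team"))
    print(sheet)
```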
6 Operating Instructions of the application
6.1 Test of the Operation of the application
Undertaken by GrDF
6.2 Stop procedure of the application
N/A
6.3 Procedure of the restart of the application
Production:
Servers Windows:
No stop-start of the application or of the database is required by Compuware during normal operations.
In case of an event, a Compuware Support ticket must be opened using the event file supplied.
To reboot the servers, follow the Windows stop-restart process, which stops the services in
dependency order. Use the Windows restart function.
Periodic Reboot of the Servers
Server: H1W1DCR02T (SRV_ADS_BDD), H1W1DCR04N (SRV_CAS_WEB_BDD), H1W1DCR06H (SRV_CAS_NET_BDD)
Location of the batch file: To be defined
Name of the script: Reboot task planned
Processing function: The processing includes a stop-start of the Windows services.
Personnel (s) :
Manual Action(s) :
Actions automatic :
ATOS
None
Launch mode: Reboot task planned
Periodicity: to be defined
Conditions: None
Hour: before midnight and after 7h, Monday to Saturday
Description of the treatment: standard reboot of the Windows servers; refer to ATOS
6.4 The application launchers
N/A
6.5 Checking of incoming and outgoing flows
None
6.6 Special interventions on the Application
Supported by Compuware/Tooling Expert
6.7 Reporting and escalation of the events
Cf 1.4
Events not resolved by the operator, or outside the operator's responsibilities, are taken over by the
tooling expert team for analysis and processing with the help of the vendor Compuware, by reassigning
the incident file to the g_dsi_cspi_supervision_sn3 group.
Depending on its severity, the transfer of the event is accompanied by an email or a telephone call.
Events that caused an application outage or a major slowdown, as well as backup problems, are
reported by email to the contributors of the operation.
7 Log of the operation
Not applicable
8 SECURITY INSTRUCTIONS OF PSSI TO BE FOLLOWED
As part of an approach to improve the security level of the IS, GDFSUEZ has issued a series of
instructions through its IS Security Committee.
Some of these measures apply to the installation dossier. They are extracted from the following documents:
Ref. DSI-Security-2005-010 - Security instructions: Checking of the logical access of the Information
System of GDFSUEZ
Ref. DSI-Security-2005-013 - Security instructions: Architecture and Operation - Information System
Equipment
8.1 Inspection of the logical access of the Information System of GDFSUEZ
DIR-PCA-12
The default access accounts (e.g. manufacturer accounts) to the applications,
resources and operating systems should be neutralised before the start of
production (account deleted or, at a minimum, locked by a complex
password different from the default password).
DIR-PCA-13
The accounts used during the development and the delivery / qualification
phases should be deleted at commissioning.
DIR-PCA-49
Directly readable copies of all credentials (for example: paper, file, disk, CD-ROM...)
should be destroyed or sequestered (encrypted or locked) as soon as
the authentication parameters are set on the equipment or the applications.
DIR-PCA-63
All access granted to third parties is subject to increased surveillance
(frequency and depth of the checks), under the supervision of the
enabler and under the control of the Security-Surveillance Cell and/or
the local security support (see the directive « Management of third
parties »).
DIR-PCA-65
The rights administrator applies the directive « Management of the
security incidents » and escalates all serious anomalies to the enabler and, if
need be, to the Security-Surveillance Cell and/or the local security support.
DIR-PCA-66
The enabler verifies the conformity between the access granted and the
access actually in effect. All anomalies are reported to the Information Owner
or to the person responsible for the operational domains concerned.
8.2 Architecture and Operation: Information System Equipment
DIR-SR-36
It is forbidden to connect equipment simultaneously to the Internal Network
and to any other network (e.g. the Internet), whatever the type of connection
(PSTN, ADSL, cable, local network, wireless, etc.). This is under the control of the
network domain and of Architecture / Development management. Specific
studies define the technical architecture applicable in cases where this
principle cannot be applied (see the directive « Management of deviations
and exemptions »). This notably concerns: remote maintenance via modem,
when no alternative solution is possible; multifunction equipment (fax,
printer, photocopier) potentially connected at the same time to the Internal
Network and to the PSTN. The studies notably define the compensatory
measures and how to implement them so as to limit the risk level. Examples of
compensatory measures that may be required: call-back mechanisms, regular
rotation of the access passwords, connections initiated from the Internal
Network only, filtering mechanisms, partitioning of the resources accessed,
temporary activation of remote access, etc.
Software Architecture
DIR-AEE-11
During the design phase, the architects and the developers ensure that
the temporary files used by the software (editors, browsers, etc.) and
applications are regularly erased, so as not to disclose, without the user's
knowledge, information that is otherwise correctly protected.
Supervision
DIR-AEE-59
The operator escalates to the Security-Surveillance Cell all significant
anomalies detected during the analysis of the logs, in accordance with the
incident escalation procedures defined in the security directive
« Management of the incidents ».
Management of the backup / archives
DIR-AEE-62
The backup, archiving and restoration procedures and tools are
implemented:
- in accordance with the standard solutions listed in the Security and
Infrastructure Solutions repository,
- in compliance with the requirements expressed by the information owner and the
architects, on the basis of the standard service offer (solutions adapted to the
different classification levels of the information).
Maintenance
REC-AEE-04
The antivirus updates are qualified (integrity, stability, etc.), under the aegis of
the Security-Surveillance Cell, before their deployment within the IS of
GDFSUEZ.
9 ANNEXES
9.1 Competency Profile of the operators (ASM)
Knowledge of the following products is expected from the operational team:
- Windows 2008 Standard Administration: Atos LOT6
- SQL Server Admin: PST
Application knowledge of DYNATRACE is not required.
Ref : DEX DYNATRACE Page 22 on 22
Index : 2.0
DEX DYNATRACE v2.0 GDF SUEZ IT 21/10/2013
GDF SUEZ SIÈGE SOCIAL GDF SUEZ
EuroAtrium 14-16 rue Touzet Gaillard 93400 Saint-Ouen France 22, rue du Lancereaux 75392 Paris Cedex 08 - France
Tél. +33 (0)1 71 86 18 00 Tél. +33 (0)1 57 04 00 00
GDF SUEZ - SA AU CAPITAL 2 191 532 680 EUROS - RCS PARIS 542 107 651
www.gdfsuez.com